APDU Write block commands on mifare card

  apdu, c++, mifare, nfc

I have been trying to writing some data to my mifare classic cards. first I send these two commands which returns 90 00:

Load Mifare Keys:
FF 82 20 01 06 FF FF FF FF FF FF

Authenticate:
FF 86 00 03 05 01 00 05 60 00

now I’m write commands to sector 0 and block 3 and block 4 by this commands
APDU_WRITE_data_1 : FF D 00 03 16
APDU_WRITE_data_1 : FF D 00 04 16

      // writedata1 in block 3 ...
//
    if (nres == SM_SUCCESS)// &&
    //bAPDURes )
{
    nlenrcv = sizeof(btRcv);
    nlencmd = 0;
    
btCmd[nlencmd++] = 0xFF;                // CLA
btCmd[nlencmd++] = 0xD6;                // INS
btCmd[nlencmd++] = 0x00;                // P1, Mifare Block Number MSB
btCmd[nlencmd++] = 0x03;                // P2, Mifare Block Number LSB
btCmd[nlencmd++] = 16;              // Lc, Data Length
memcpy(btCmd + nlencmd, btWrite_1, 16);
nlencmd += 16;

nres = m_Smart.RFTransmit(DEV_INTERNALRF, nlencmd, btCmd, (DWORD*)&nlenrcv, btRcv_1);

// writedata2 in block 4 ...

if (nres == SM_SUCCESS)// &&
    //bAPDURes )
{
    nlenrcv = sizeof(btRcv);
    nlencmd = 0;

    btCmd[nlencmd++] = 0xFF;                // CLA
    btCmd[nlencmd++] = 0xD6;                // INS
    btCmd[nlencmd++] = 0x00;                // P1, Mifare Block Number MSB
    btCmd[nlencmd++] = 0x04;                // P2, Mifare Block Number LSB
    btCmd[nlencmd++] = 16;              // Lc, Data Length
    memcpy(btCmd + nlencmd, btWrite_2, 16);
    nlencmd += 16;

    nres = m_Smart.RFTransmit(DEV_INTERNALRF, nlencmd, btCmd, (DWORD*)&nlenrcv, btRcv_2);

But it doesn’t work
is it the APDU for writing wrong?

Source: Windows Questions C++

LEAVE A COMMENT